package dhee.wtqshopproject.utils;

import org.apache.commons.lang3.RandomStringUtils;
import org.springframework.util.DigestUtils;

public class SecurityUtil {

    // 生成随机盐值 (6位字母数字组合)
    public static String generateSalt() {
        return RandomStringUtils.randomAlphanumeric(6);
    }

    // 密码加密：MD5(密码 + salt)
    public static String encryptPassword(String password, String salt) {
        String saltedPass = password + salt;
        return DigestUtils.md5DigestAsHex(saltedPass.getBytes());
    }

    // 验证密码
    public static boolean verifyPassword(String inputPassword, String storedPassword, String salt) {
        String encryptedInput = encryptPassword(inputPassword, salt);
        return encryptedInput.equals(storedPassword);
    }
}